Security models for applications typically involve showing a user some kind of a dialog at the time of installation of the application. The user may be provided an opportunity to review various access permissions and accept them. After such user acceptance, the installed application generally has access to a set of application programming interfaces (APIs) on a going forward basis. Certain APIs, to which the installed application has access, may relate to the user's sensitive data or information.